workloadattestor systemd: dbus use of closed network connection

Fixes spiffe#4315 The connection to system bus is shared and should not be closed after use in order to avoid errors on concurrent usage. It is typical to share the connection in the same process as per this explanation: godbus/dbus#179 (comment) In case of errors, this shared connection will detect that and attempt to reconnect: https://github.com/godbus/dbus/blob/v5.1.0/conn.go#L124.
rkaippully · Jul 26, 2023 · f8fee6a · f8fee6a
1 parent a5050ef
commit f8fee6a
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/pkg/agent/plugin/workloadattestor/systemd/systemd_posix.go b/pkg/agent/plugin/workloadattestor/systemd/systemd_posix.go
@@ -68,11 +68,11 @@ func (p *Plugin) Attest(ctx context.Context, req *workloadattestorv1.AttestReque
 }
 
 func getSystemdUnitInfo(ctx context.Context, pid uint) (*DBusUnitInfo, error) {
+	// Do not close this connection because it is shared and will autoclose on errors
 	conn, err := dbus.SystemBus()
 	if err != nil {
 		return nil, status.Errorf(codes.Internal, "failed to open dbus connection: %v", err)
 	}
-	defer conn.Close()
 
 	// Get the unit for the given PID from the systemd service.
 	call := conn.Object(systemdDBusInterface, systemdDBusPath).CallWithContext(ctx, systemdGetUnitByPIDMethod, 0, pid)